Abstract
Over the past decades, technology has enabled a wide range of applications that help people automate daily tasks. More advanced systems, however, also expose potential flaws, which encourage malicious users to probe and break their security. Researchers have tried to address this problem by developing intrusion detection systems, security layers that try to detect malicious attempts. In addition, the growing demand for machine learning has made it possible to combine the two approaches to build more robust detection systems. In this context, we introduce a novel approach to anomaly detection in which, instead of using the problem’s raw features, we project them through a restricted Boltzmann machine. The approach was assessed on a well-known anomaly detection dataset from the literature and achieved suitable results, better than some state-of-the-art approaches.
Notes
The experiment’s source code is available at https://github.com/danielfssantos/anomaly_detection.
Acknowledgements
The authors appreciate São Paulo Research Foundation (FAPESP) Grants #2019/02205-5 and #2019/07825-1, as well as Petrobras Grant #2017/00285-6.
Cite this article
Rosa, G.H.d., Roder, M., Santos, D.F.S. et al. Enhancing anomaly detection through restricted Boltzmann machine features projection. Int. j. inf. tecnol. 13, 49–57 (2021). https://doi.org/10.1007/s41870-020-00535-4
DOI: https://doi.org/10.1007/s41870-020-00535-4